Skip to main content

Tag: emerging threats

4579 articles

Government briefing room with podium and American flags, cityscape visible outside window.

Trump Escalates Claims of Election Compromise Despite Debunked Evidence

The White House touted a prime-time speech as proof of foreign interference and widespread voter irregularities, but it fell flat, with critics calling it a dud. Despite claims of a bombshell, the declassified documents so far have failed to validate allegations of election compromise.

Analyst 207
Office email workstation with laptop, papers, and supplies under ordinary lighting.

AI Spam Filters Vulnerable to Text Salting Attacks

Over 1 million retail-themed phishing emails have been detected using a sneaky technique called text salting to evade AI spam filters since April. This clever trick hides harmless words in malicious messages, fooling automated scanners but not the human eye.

Analyst 207
Massive supply ship under construction in a brightly-lit shipyard near the water.

China Builds Massive Supply Ship for Carrier Groups

China is building a massive supply ship that has caught the world's attention, particularly in the US, as it signals a new era of maritime power. This hulking vessel, rising from the shipyard on Longxue Island, is set to support China's carrier groups and challenge traditional naval dominance.

Analyst 207
Bayraktar Kızılelma unmanned combat aerial vehicle on a runway with blurred Turkish landscape background.

Pakistan Air Force Weighs J-35, Kızılelma as F-16 Alternatives

Baykar's Kızılelma UCAV just hit a major milestone, successfully test-firing a Roketsan JET-230 air-launched ballistic missile, further cementing its status as a cutting-edge, strike-capable drone. This latest achievement builds on last year's groundbreaking radar-guided air-to-air missile launch from the same platform.

Analyst 207
Industrial control equipment and network switch on a rack in a brightly-lit control room.

Siemens ROX II Zero-Days Expose Critical Infrastructure Risks

Our research team, in close collaboration with Siemens, uncovered a critical vulnerability chain of three zero-day exploits in Siemens ROX II operational-technology switches, posing significant risks to critical infrastructure security. This chained exploit could allow attackers to escalate from basic reconnaissance to full root-level control.

Analyst 207
Genetic testing lab with modern and traditional equipment, conveying scrutiny and security.

23andMe Agrees to $18m Settlement, New Data Security Mandates

After cracking down on 23andMe's lax security measures, a coalition of 42 US attorneys general, led by New York Attorney General Letitia James, has secured an $18 million settlement and binding data-protection commitments to safeguard customer information. This move comes after a 2023 data breach put millions of 23andMe customers at risk of having their personal info exposed.

Analyst 207
Blurred office background with a single support document on a desk.

Ernst & Young Exposes Client Data in Third-Party Support System Hack

Ernst & Young suffered a data breach when hackers accessed a third-party support system, downloading sensitive client documents between March 28 and April 12. The breach was detected on April 23, prompting the company to alert affected clients and notify authorities.

Analyst 207
Government office with a barricaded door and encrypted computer screen.

Ransomware Targets Government Agencies Daily, Study Reveals

Government agencies are under attack, with ransomware hitting a staggering 187 organizations in just six months - that's one body disrupted every single day, on average. This alarming trend is up 13% from the previous half-year, leaving public services vulnerable and citizens at risk.

Analyst 207
A coding test setup in a brightly-lit computer lab with a laptop and blank screen.

North Korean Hackers Exploit Coding Tests with Steganography-Laced Malware

North Korean hackers are targeting software developers with a sneaky malware attack, hiding steganography-laced payloads in coding tests to steal sensitive data and cryptocurrency. This latest campaign, tracked as REF9403, is just another example of the DPRK's relentless pursuit of valuable information.

Analyst 207
Cluttered, dimly lit room with laptop on worn desk, surrounded by papers and household items.

Carders Seek 'Clean' Residential Proxies to Evade Fraud Controls

Criminals are on the hunt for so-called "clean" residential proxies, a new classification that's emerged in the underground world of payment fraud and carding. These proxies are prized for their spotless usage history, making them harder to detect and allowing scammers to evade fraud controls.

Analyst 207
Man led away by border officers in airport departure hall.

US Misidentifies Russian Hacker in Extradition Bid

A Russian man named Aleksandr Ermakov has been wrongly detained in an Armenian jail on a US extradition request, with his lawyers claiming he is not the REvil ransomware suspect the US is actually after. His family and lawyers are now racing against time to clear his name and prevent his deportation to the US.

Analyst 207
Secure military operations center with autonomous systems and screens displaying data.

Military Autonomy Spurs Race for Trusted Information Infrastructure

The future of military capability hinges on a robust trusted information infrastructure that seamlessly connects autonomous systems, enabling secure and efficient data exchange. This backbone of innovation is now driving Western defense plans and funding.

Analyst 207
Network device on a rack in a brightly-lit data center environment.

CISA Warns of Active Exploits Targeting FortiSandbox Flaws

Critical FortiSandbox flaws, CVE-2026-39808 and CVE-2026-25089, are under active attack by hackers, allowing them to execute malicious commands without needing login credentials. These severe vulnerabilities, scoring 9.1, require immediate attention to prevent devastating remote code execution attacks.

Analyst 207
Smartphone on a neutral surface with blurred background and abstract screen pattern.

EU Orders Google to Open Android to Rival AI Assistants

Google is now required to open up Android to rival AI assistants, a move the company claims could compromise device security by giving external apps sensitive permissions. The European Commission's order, made under the Digital Markets Act, forces Google to grant third-party AI assistants access to Android sensors and system features.

Analyst 207
Formal office setting with laptop, papers, and pen on a desk near a window overlooking a cityscape.

GoSerpent Malware Targets Southeast Asian Governments for Espionage

A stealthy cyber threat, known as GoSerpent, has been secretly targeting Southeast Asian governments and diplomats since late 2025, with the goal of gathering sensitive intelligence. This sophisticated malware has been evolving, with a new set of malicious tools deployed as recently as May 2026.

Analyst 207
Windows laptop on a desk in a home office with a person's hands on the keyboard.

Windows Zero-Day Exploit LegacyHive Grants Hackers Admin Privileges

A security researcher, known as Nightmare Eclipse, has uncovered a new Windows zero-day exploit called LegacyHive, which can grant hackers admin privileges with just a few simple steps and some standard user credentials. This alarming vulnerability targets the Windows User Profile Service, putting users at risk of serious security breaches.

Analyst 207
Office setting with laptop showing Microsoft 365 interface and scattered papers.

ACR Stealer Exploits ClickFix Lures to Target Microsoft 365 Files

Microsoft's Defender Experts team uncovered a sneaky ACR Stealer campaign that uses ClickFix lures to swipe sensitive Microsoft 365 files, browser passwords, and authentication tokens from unsuspecting users. This stealthy attack leaves enterprise environments vulnerable, with stolen data including PDFs, synced OneDrive and SharePoint folders, and more.

Analyst 207
Technician applies security patch to computer system, symbolizing vulnerability fix.

CISA Orders Emergency Patch for Exploited Fortinet Vulnerabilities

The US Cybersecurity and Infrastructure Security Agency (CISA) has issued an emergency directive requiring federal agencies to patch or mitigate two critical Fortinet vulnerabilities within a tight three-day window, underscoring the severity of these flaws. This urgent action follows the discovery of a critical OS command injection vulnerability in FortiSandbox, allowing attackers to execute unauthorized code or commands.

Analyst 207
Rows of computer servers and racks with technicians in the background.

Windows Server 2022 Approaches End of Mainstream Support

Mark your calendars: Windows Server 2022 will reach the end of its mainstream support on October 13, 2026, after which it will transition into extended support, still receiving security updates through October 14, 2031.

Analyst 207
Hand reaches for Android smartphone with blurred lock screen on a flat surface.

Google scrambles to fix Android bug that lets Gemini bypass lock screen security

Google is racing to squash a newly discovered Android bug that allows sneaky users to bypass lock screen security and send SMS or WhatsApp messages using Gemini, all without entering the device PIN. A fix has already been implemented and is set to roll out this week.

Analyst 207
Rows of computer equipment hum in a brightly-lit, bustling server room.

The Gentlemen Ransomware Gang Surges to Top Spot

The Gentlemen ransomware gang has surged to the top spot, unleashing a whopping 300 attacks in just three months thanks to its aggressive recruitment of affiliates and user-friendly intrusion kit. This makes them the most active ransomware group, outpacing even the notorious Qilin affiliate operation.

Analyst 207
Formal law enforcement setting with daylight through tall windows, suggesting official activity.

US Prosecutors Charge Two in $43 Million Investment Fraud Laundering Scheme

For nearly two years, Zhuoying Chen and Haojie Zhang allegedly masterminded a brazen $43 million investment fraud laundering scheme, preying on innocent victims and funneling their life savings into bank accounts in China. The sophisticated network, involving over a dozen people, was recently dismantled by US authorities.

Analyst 207
Network security appliance sits on a table in a government agency setting.

CISA Warns of Actively Exploited Fortinet Flaws

The US Cybersecurity and Infrastructure Security Agency (CISA) has sounded the alarm on actively exploited Fortinet flaws, warning federal agencies to patch two vulnerabilities in the Fortinet FortiSandbox platform by July 19 to avoid potential breaches. Don't wait - prioritize patching to protect your systems from exploitation.

Analyst 207
Government agency server room with rows of computer equipment and SharePoint technology setup.

CISA Flags Exploited SharePoint Zero-Day Vulnerability

Don't wait until it's too late: Federal agencies have until July 19, 2026, to patch a critical Microsoft SharePoint Server vulnerability, CVE-2026-58644, that's already being exploited by hackers to execute malicious code remotely. This high-severity flaw, with a CVSS score of 9.8, could allow attackers to take control of your SharePoint Server if left unpatched.

Analyst 207